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404 



Class public ClientClassA { 

Method A { 
try{ 

ServerClassM.M( ); // Might throw an authorization exception. 

// Try block successfully executes when 
// invoked by entity with proper authority, 
// such as BankManager 

} 

catch (Auth Exception e) 
{ 

// Codepath not reached for BankManager role 



} 



} 
} 

Class public ClientClassB { 

Method B { 
try{ 

ServerClassM.M( ); // Might throw an authorization exception. 

// Try block falls to execute when invoked 
// by entity with Improper authorization, 
// such as BankTeller 

} 

catch (Auth Exception e) 



} 



// Codepath reached for BankTeller role 



406 



} 

Glass public ServerClassM { 

— Method M ( ) enforces ManagerAuthorization.AuthMethod 
} 

Glass public ManagerAuthorization { 

Method AuthMethod ( ) throws AuthExceptlon { 

// Body of AuthMethod containing authorization process 
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Class public ClientClassA { 

Method A { 
try{ 

ServerClassM.M( ); // Might throw an authorization exception. 

// Try block successfully executes when 
// invoked by entity with proper authority, 
// such as BankManager role 

} 

catch (AuthException e) 



{ 



// Codepath not reached for BankManager role 



} 
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} 

Class public ClientClassB { 

Method B { 
try{ 

ServerClassM.M( ); // Might throw an authorization exception. 

// Try block fails to execute when invoked 
// by entity with improper authorization, 
// such as BankTeller role 

} 

catch (AuthException e) 



{ 



// Codepath reached for BankTeller role 



} 



} 



r Class public ServerClassM enforces ManagerAuthorization.AuthMethod { 



Method M ( ) { 
} 



lUU \ 
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} 



Class public Manager Authorization { 

Method Auth Method ( ) throws AuthException { 
} 
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dec -> classdec 

classdec class classjd extends classjd { { class_field } } 

classdec -> class classjd extends classjd enforces authMethod { { classjield } }^ 
class field vardec 



class field method 



method method id(tyfields) enforces authMethod — 608 

method method Id(tyflelds) = exp 
authMethod method id(tyfields) = exp — 604 

method method id(tyfields):typejd = exp 
authMethod -> method id(tyfields):typejd = exp — 606 

exp new classjd 

exp lvalue id( ) 

exp lvalue id( exp {, exp} ) 
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802 class CC extends Object { 

method A ( ) = { SC:M( ) } 

} 



804 class SC extends Object enforces ACLCIass:R { 

method M ( ) = { body of M } 
method F ( ) = { body of F } 

} 



806 class SC extends Object { 

method M ( ) enforces ACLCIass:R = { body of M } 
method F ( ) = { body of F } 

} 



808 Class SCSG extends SC { 

method M ( ) = { body of M } 

} 

FIG. 8 
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